author | Peter Alfredsen <loki_val@gentoo.org> | 2008-07-06 22:39:30 +0000 |
---|---|---|
committer | Peter Alfredsen <loki_val@gentoo.org> | 2008-07-06 22:39:30 +0000 |
commit | cb8ec1839a4885881b92202b60480c2d6b27bd67 (patch) | |
tree | c801e1d12e4e9ea9b30b8ba3841954cccd6cab1d /media-libs | |
parent | Sparc stable, critical bug #227453, fine for a couple weeks now. (diff) | |
Revbump for CVE-2008-{1806,1807,1808}, bug #225851.
Package-Manager: portage-2.2_rc1/cvs/Linux 2.6.25.8 i686
Diffstat (limited to 'media-libs')
-rw-r--r-- | media-libs/freetype/ChangeLog | 9 | ||||
-rw-r--r-- | media-libs/freetype/Manifest | 4 | ||||
-rw-r--r-- | media-libs/freetype/files/freetype-1.4_pre20080316-CVE-2008-1808.patch | 69 | ||||
-rw-r--r-- | media-libs/freetype/freetype-1.4_pre20080316-r1.ebuild | 118 |
4 files changed, 198 insertions, 2 deletions
diff --git a/media-libs/freetype/ChangeLog b/media-libs/freetype/ChangeLog index 401cfc7569e3..e6e70de85886 100644 --- a/media-libs/freetype/ChangeLog +++ b/media-libs/freetype/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for media-libs/freetype # Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/ChangeLog,v 1.195 2008/07/02 13:17:45 ranger Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/ChangeLog,v 1.196 2008/07/06 22:39:29 loki_val Exp $ + +*freetype-1.4_pre20080316-r1 (06 Jul 2008) + + 06 Jul 2008; Peter Alfredsen <loki_val@gentoo.org> + +files/freetype-1.4_pre20080316-CVE-2008-1808.patch, + +freetype-1.4_pre20080316-r1.ebuild: + Revbump for CVE-2008-{1806,1807,1808}, bug #225851. 02 Jul 2008; Brent Baude <ranger@gentoo.org> freetype-2.3.7.ebuild: stable ppc, bug 230037 diff --git a/media-libs/freetype/Manifest b/media-libs/freetype/Manifest index 1ffade3bd152..c8f67abc8485 100644 --- a/media-libs/freetype/Manifest +++ b/media-libs/freetype/Manifest 
@@ -5,6 +5,7 @@ AUX freetype-1.4_pre-malloc.patch 494 RMD160 179fb32b4a0181d453b3773ef97f5224d8e AUX freetype-1.4_pre-silence-strict-aliasing.patch 9450 RMD160 75c0f05c04dd8ef849b0234a269a577f5fa889fe SHA1 bad2209c104c88ec361ab00c885e2f9f67fc1d39 SHA256 73c1fe056dc21200251f2d13b8af26fd9efee8583cdbade16e6134e79fc28ee8 AUX freetype-1.4_pre-ttf2pk-tetex-3.patch 13454 RMD160 e92964fe510825687548f575a6752292b809b947 SHA1 77aed4bc52fc3d5698402e4ae037258e2a069fae SHA256 1ff2c6842c654656bd2b97a69afd443d56b25b8a62b514b0026653692546ee84 AUX freetype-1.4_pre-ttf2tfm-segfault.patch 671 RMD160 bdb25be0640ee446550e8744b17572ea332d3f39 SHA1 0038e8634071501a6a0b8799b5256beae86616a8 SHA256 bfe6248b29cad47dd74b0eb42d7952bf7cd45e9f4e57248d66f76631a5ba7ca7 +AUX freetype-1.4_pre20080316-CVE-2008-1808.patch 2595 RMD160 beb43899f15f92a25c32773d7b9618d92e718a06 SHA1 58c9ada82e84ad8c8a0c2209d8642a338cb90f88 SHA256 c78403687ed4519ecc8f53e3eddeaf991ce28a07c80a546a5d9a519b8f333e79 AUX freetype-2.1.10-fix_synth.patch 919 RMD160 85cea83ecb4d63660470519d40095ee5ae39f9e2 SHA1 eab0ee7b80ea927fe715df6ba7f9a5a7a864b1ce SHA256 416e34b095449d8981678225597eb12d0f0cc8a258c430d4061254303687443c AUX freetype-2.1.10-internal_header.patch 667 RMD160 c1959d97a8588e8efec6cfc5dde79ac5ff6552ef SHA1 693dd29284f8ced58a9b4610db0bd57c24836655 SHA256 da72ae11e658332a0e22bc0fd69c9d0c89d61dcbd376243b6dface7b33b8d239 AUX freetype-2.1.10-revert_pointer.patch 544 RMD160 7295ee885d3377cf8d76df1aa85d9d8c2dba3e51 SHA1 52e3e79f75cdd3eedfff52aba4646241b8a67f46 SHA256 47805b36c85b9d63b161757c0a7fa399c2320182b423db88909056712f426838 
@@ -28,11 +29,12 @@ DIST ft2demos-2.3.5.tar.bz2 157557 RMD160 7620d829a86d4125bc08d949cee13f8c383f6d DIST ft2demos-2.3.6.tar.bz2 158332 RMD160 776dbf3eac26e602091bd4e3dfc8b07ca7a52aa0 SHA1 f2b88207c7c2424a315a03f36b6ad52555ef2cfc SHA256 3a232cd0719ad01301eab90fcf05fd4206a32a973a9c7d5b5c6a01dd32fc6cb6 DIST ft2demos-2.3.7.tar.bz2 158328 RMD160 a68483711d1ef1867361fe7f74745df982cdbf09 SHA1 e7c7f2a2077b055d0ad11bdc90bc2ebd0d879b5e SHA256 944f0d24df4706c8a077c5d184a42822aaa0a2fbb8b67abe7c0d6920317cd499 EBUILD freetype-1.3.1-r5.ebuild 3271 RMD160 1d83221c1d429da9d3f32c1c103cf11a21c9d35a SHA1 87c9404f6f2ef07a87dc3948d88bf3346b829259 SHA256 4a6887774ec8cfee8a27000696a7219819e23e36580c6efc840b563b72af3e98 +EBUILD freetype-1.4_pre20080316-r1.ebuild 3325 RMD160 a47dc17c42f0d448c6dd0d408c9096d01143df5e SHA1 d4fb0519fd2a5e644e082d8ec056559b60bf18f4 SHA256 4ce796466c4f894c389926f14b2db7dbf0e6e71c3319e5b8d20a9897f4f57f1e EBUILD freetype-1.4_pre20080316.ebuild 3200 RMD160 00a80ba92a5dd60c7e05ed4c280a62d2d30f1bf2 SHA1 0caf0e716ec4d822993b0448e2da79acb540079b SHA256 7b993b75483603ec0889dfb2b6da67e68a807d0dafbbc9de99ffc1f361661360 EBUILD freetype-2.1.10-r3.ebuild 2304 RMD160 ef35e9ca9caa02fb428c0df72e56d57770e48f3b SHA1 6d9c672fdcc174f362338dd12e5e1a60f223af46 SHA256 6a2a0e3d214755a501ccab1f94950ec3624b50fdd614168a80a85a632e16dbe9 EBUILD freetype-2.3.5-r2.ebuild 3259 RMD160 a3f00c95b97eea8930bb107a076a52299c30007e SHA1 8586435b258e455c0a9f5eef85932f380ab97ba7 SHA256 35b7a4eb11c52ddd7297e031ae09e681fb08974a8885800c2a0f00249c0a5a2d EBUILD freetype-2.3.6-r1.ebuild 3257 RMD160 027fe955a3374bacfba6a3601063210d0db76ba1 SHA1 fec92632a2d8795215dd6670688959f6a57a910f SHA256 19a47d3aa6ec9bac56f8a6d8e2c7454b72d51ff757e9bdf214f0efdc13eaec40 EBUILD freetype-2.3.6.ebuild 3198 RMD160 6015bef3b39a3875e835e2a281db299d9f44b601 SHA1 6c781e5470b8369e6e07187b044cedd703f5aac4 SHA256 1fa9eedee51da5992ba7ed2564efcb64884826bd6faa4facd124e647b49eec33 EBUILD freetype-2.3.7.ebuild 3194 RMD160 
26ceaa9449bfd93c1b01fd2188801f45411e4423 SHA1 58cde595357bb94b38290e2ebe031130e195a368 SHA256 0c9587bd610e8e0a1cf3f1e7bf425f14133613193376f037058e845340e2c568 -MISC ChangeLog 29535 RMD160 2f40388b45f69027133e9593c0428515830aa754 SHA1 d369cd707dda122453e9f9c37064129f8b7b0126 SHA256 67e6fcb248ef8450e75d8142c4bfbbc719a90453a255d77a67b949d018b81c01 +MISC ChangeLog 29783 RMD160 0c22bb313a182aa4d27a419643545c5ed8e747ec SHA1 0a0a580ae675e67f9bb3925541b963d1a45ef5c9 SHA256 53b0ec9ad05a5542acb0e25afc0e46a7d532f3f4d2d631ac3ef3edcc1bcbdc57 MISC metadata.xml 294 RMD160 bdd1ff0021461f60ca339328cbf2f5d6e43dfab1 SHA1 06b1fc585d6f6b8653d51f820bb053af86201c66 SHA256 257ee4e67ab59aceaa72c8eafe7c7722368c3e90f766a94efc0db3d39808ec6d
diff --git a/media-libs/freetype/files/freetype-1.4_pre20080316-CVE-2008-1808.patch b/media-libs/freetype/files/freetype-1.4_pre20080316-CVE-2008-1808.patch
new file mode 100644
index 000000000000..cbe8884d541c
--- /dev/null
+++ b/media-libs/freetype/files/freetype-1.4_pre20080316-CVE-2008-1808.patch
@@ -0,0 +1,69 @@
+diff -up freetype-1.3.1/lib/ttfile.c~ freetype-1.3.1/lib/ttfile.c
+--- freetype-1.3.1/lib/ttfile.c~ 2008-06-14 09:51:56.000000000 +0200
++++ freetype-1.3.1/lib/ttfile.c 2008-06-14 09:51:56.000000000 +0200
+@@ -931,6 +931,9 @@
+ EXPORT_FUNC
+ TT_Error TT_Skip_File( STREAM_ARGS Long distance )
+ {
++ if ( distance < 0 )
++ return TT_Err_Invalid_File_Offset;
++
+ return TT_Seek_File( STREAM_VARS ftell( CUR_Stream->file ) -
+ CUR_Stream->base + distance );
+ }
+diff -up freetype-1.3.1/lib/ttinterp.c~ freetype-1.3.1/lib/ttinterp.c
+--- freetype-1.3.1/lib/ttinterp.c~ 2008-06-14 09:56:48.000000000 +0200
++++ freetype-1.3.1/lib/ttinterp.c 2008-06-14 09:56:48.000000000 +0200
+@@ -4144,7 +4144,7 @@
+ 
+ /* XXX: this is probably wrong... at least it prevents memory */
+ /* corruption when zp2 is the twilight zone */
+- if ( last_point > CUR.zp2.n_points )
++ if ( BOUNDS ( last_point , CUR.zp2.n_points ) )
+ {
+ if ( CUR.zp2.n_points > 0 )
+ last_point = CUR.zp2.n_points - 1;
+diff -up freetype-1.3.1/lib/ttload.c~ freetype-1.3.1/lib/ttload.c
+--- freetype-1.3.1/lib/ttload.c~ 2008-06-14 09:37:02.000000000 +0200
++++ freetype-1.3.1/lib/ttload.c 2008-06-14 09:46:33.000000000 +0200
+@@ -284,6 +284,12 @@
+ 
+ /* read frame data into face table */
+ maxProfile->version = GET_ULong();
++
++ if (maxProfile->version < 0x10000L)
++ {
++ PERROR(( "!! invalid file format" ));
++ return TT_Err_Invalid_File_Format;
++ }
+ 
+ maxProfile->numGlyphs = GET_UShort();
+ 
+@@ -294,6 +300,14 @@
+ 
+ maxProfile->maxZones = GET_UShort();
+ maxProfile->maxTwilightPoints = GET_UShort();
++ /* we add 4 phantom points later */
++ if ( maxProfile->maxTwilightPoints > ( 0xFFFFU - 4 ) )
++ {
++ PERROR(( "Too much twilight points in `maxp' table;\n" ));
++ PERROR(( " some glyphs might be rendered incorrectly.\n" ));
++
++ maxProfile->maxTwilightPoints = 0xFFFFU - 4;
++ }
+ 
+ maxProfile->maxStorage = GET_UShort();
+ maxProfile->maxFunctionDefs = GET_UShort();
+@@ -330,8 +344,10 @@
+ 
+ /* We also increase maxPoints and maxContours in order to support */
+ /* some broken fonts. */
+- face->maxPoints += 8;
+- face->maxContours += 4;
++ if ( face->maxPoints < ( 0xFFFFU - 8 ) )
++ face->maxPoints += 8;
++ if ( face->maxContours < ( 0xFFFFU - 4 ) )
++ face->maxContours += 4;
+ 
+ PTRACE2(( "GASP loaded.\n" ));
+ return TT_Err_Ok;
diff --git a/media-libs/freetype/freetype-1.4_pre20080316-r1.ebuild b/media-libs/freetype/freetype-1.4_pre20080316-r1.ebuild
new file mode 100644
index 000000000000..a6c293e6119b
--- /dev/null
+++ b/media-libs/freetype/freetype-1.4_pre20080316-r1.ebuild
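Review bot: The new `return TT_Err_Invalid_File_Format;` in the ttload.c part sits right under the comment `/* read frame data into face table */`, between two GET_* reads, so it leaves the function while the frame is presumably still held; the frame acquire and release are outside the hunk, so this needs checking against the full function. If the frame has to be released on every exit, put `FORGET_Frame();` before that return. Separately, the `maxPoints`/`maxContours` guards at the end silently skip the `+= 8` / `+= 4` headroom at the limit, whereas the `maxTwilightPoints` branch clamps and logs through PERROR; a short comment saying why the missing headroom is safe there would help the next reviewer.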
@@ -0,0 +1,118 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/media-libs/freetype/freetype-1.4_pre20080316-r1.ebuild,v 1.1 2008/07/06 22:39:29 loki_val Exp $
+
+WANT_AUTOCONF="2.1"
+
+inherit autotools eutils libtool multilib
+
+DESCRIPTION="Freetype font rendering engine"
+HOMEPAGE="http://www.freetype.org/"
+SRC_URI="mirror://gentoo/${P}.tar.bz2"
+
+LICENSE="FTL"
+SLOT="1"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE="doc nls kpathsea"
+
+COMMON_DEPEND="kpathsea? ( virtual/tex-base )"
+RDEPEND="${COMMON_DEPEND}
+ nls? ( sys-devel/gettext )"
+DEPEND="${COMMON_DEPEND}
+ >=sys-devel/autoconf-2.59"
+
+S="${WORKDIR}"/${PN}
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ # remove unneeded include for BSD (#104016)
+ epatch "${FILESDIR}"/freetype-1.4_pre-malloc.patch
+
+ # fix ttf2pk to work with tetex 3.0
+ epatch "${FILESDIR}"/freetype-1.4_pre-ttf2pk-tetex-3.patch
+
+ # fix segfault due to undefined behaviour of non-static structs
+ epatch "${FILESDIR}"/freetype-1.4_pre-ttf2tfm-segfault.patch
+
+ # silence strict-aliasing warnings
+ epatch "${FILESDIR}"/freetype-1.4_pre-silence-strict-aliasing.patch
+
+ # add DESTDIR support to contrib Makefiles
+ epatch "${FILESDIR}"/freetype-1.4_pre-contrib-destdir.patch
+
+ # Fix for CVE 2008-1808, bug 225851
+ epatch "${FILESDIR}"/${P}-CVE-2008-1808.patch
+
+ # disable tests (they don't compile)
+ sed -i -e "/^all:/ s:tttest ::" Makefile.in
+
+ eautoreconf
+ elibtoolize
+
+ # contrib isn't compatible with autoconf-2.13
+ unset WANT_AUTOCONF
+
+ for x in ttf2bdf ttf2pfb ttf2pk ttfbanner; do
+ cd "${S}"/freetype1-contrib/${x}
+ eautoconf
+ done
+}
+
+src_compile() {
+ use kpathsea && kpathseaconf="--with-kpathsea-lib=/usr/$(get_libdir) --with-kpathsea-include=/usr/include"
+
+ # core
+ einfo "Building core library..."
+ econf $(use_enable nls) || die "econf failed"
+ emake || die "emake failed"
+
+ # contrib
+ cd "${S}"/freetype1-contrib/ttf2pk
+ einfo "Building ttf2pk..."
+ econf ${kpathseaconf} || die "econf ttf2pk failed"
+ emake || die "emake ttf2pk failed"
+ for x in ttf2bdf ttf2pfb ttfbanner; do
+ cd "${S}"/freetype1-contrib/${x}
+ einfo "Building ${x}..."
+ econf || die "econf ${x} failed"
+ emake || die "emake ${x} failed"
+ done
+}
+
+src_install() {
+ dodoc announce PATENTS README docs/*.txt docs/FAQ
+ use doc && dohtml -r docs
+
+ # core
+ # Seems to require a shared libintl (getetxt comes only with a static one
+ # But it seems to work without problems
+ einfo "Installing core library..."
+ cd "${S}"/lib
+ emake -f arch/unix/Makefile \
+ prefix="${D}"/usr libdir="${D}"/usr/$(get_libdir) install \
+ || die "lib install failed"
+
+ # install po files
+ einfo "Installing po files..."
+ cd "${S}"/po
+ emake prefix="${D}"/usr libdir="${D}"/usr/$(get_libdir) install \
+ || die "po install failed"
+
+ # contrib (DESTDIR now works here)
+ einfo "Installing contrib..."
+ for x in ttf2bdf ttf2pfb ttf2pk ttfbanner; do
+ cd "${S}"/freetype1-contrib/${x}
+ emake DESTDIR="${D}" install || die "${x} install failed"
+ done
+
+ # tex stuff
+ if use kpathsea; then
+ cd "${S}"/freetype1-contrib
+ insinto /usr/share/texmf/ttf2pk
+ doins ttf2pk/data/* || die "kpathsea ttf2pk install failed"
+ insinto /usr/share/texmf/ttf2pfb
+ doins ttf2pfb/Uni-T1.enc || die "kpathsea ttf2pfb install failed"
+ fi
+} |
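Review bot: The comment on the new epatch line in src_unpack, `# Fix for CVE 2008-1808, bug 225851`, names one CVE, while the commit title and the ChangeLog entry list CVE-2008-{1806,1807,1808}, so the ebuild does not record what happened to the other two. Anyone auditing this slot for coverage has to open the patch file to find out. I would spell it out in the comment, for example `# Security: CVE-2008-1808 (bug 225851); CVE-2008-1806/1807: <fixed by this patch | not applicable to SLOT 1, confirm>`.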